    Lightweight and privacy-friendly spatial data aggregation for secure power supply and demand management in smart grids

    The concept of smart metering allows real-time measurement of power demand which in turn is expected to result in more efficient energy use and better load balancing. However, finely granular measurements reported by smart meters can lead to starkly increased exposure of sensitive information, including various personal attributes and activities. Even though several security solutions have been proposed in recent years to address this issue, most of the existing solutions are based on publickey cryptographic primitives such as homomorphic encryption, elliptic curve digital signature algorithms (ECDSA), etc. which are ill-suited for the resource constrained smart meters. On the other hand, to address the computational inefficiency issue, some masking-based solutions have been proposed. However, these schemes cannot ensure some of the imperative security properties such as consumerā€™s privacy, sender authentication, etc. In this paper, we first propose a lightweight and privacyfriendly masking-based spatial data aggregation scheme for secure forecasting of power demand in smart grids. Our scheme only uses lightweight cryptographic primitives such as hash functions, exclusive-OR operations, etc. Subsequently, we propose a secure billing solution for smart grids. As compared to existing solutions, our scheme is simple and can ensure better privacy protection and computational efficiency, which are essential for smart grids

    Privacy-aware authenticated key agreement scheme for secure smart grid communication

    Information and Communication Technologies (ICT) are one of the underpinning platforms of smart grids, facilitating efficient grid management and operation, optimization of resource utilization, as well as enable new products, features, and services. However, this interconnection of grid technology with ICT leads to various security challenges in the power grid. One such concern is the tampering of usage data from smart meters which may result not only in incorrect billing, but also in incorrect decisions related to demand and supply management. In addition to network based cyber attacks, smart meters are also susceptible to physical attacks since they are installed in customer premises without hardware protection mechanisms. In this paper, we propose a novel privacy-aware authenticated key agreement scheme which can not only ensure secure communication between the smart meters and the service provider, but also the physical security of smart meters. In this regard, we utilize the lightweight cryptographic primitives such as Physically Uncloneable Functions (PUFs) and one-way hash function, etc. Hence, the proposed scheme is suitable even for the resource constrained smart meters

    An efficient data aggregation scheme for privacy-friendly dynamic pricing-based billing and demand-response management in smart grids

    Smart grids take advantage of information and communication technologies to achieve energy efficiency, automation and reliability. These systems allow two-way communications and power flow between the grid and consumers. However, these bidirectional communications introduce several security and privacy threats to consumers. One of the open challenges in this context is user privacy when smart meters are used to capture fine-grained energy usage information. Although considerable research has been carried out in this direction, most of the existing solutions invariably introduce computational complexity and overhead, which makes them infeasible for resource constrained smart meters. In this paper, we propose a privacy-friendly and efficient data aggregation scheme (EDAS) for dynamic pricing based billing and demand-response management in smart grids. To the best of our knowledge, this is the first paper to address privacy in the context of billing under dynamic electricity pricing. Security and performance analyses show that the proposed scheme offers better privacy protection for electric meter reading aggregation and computational efficiency, as compared to existing schemes

    Integrity-Aware Parallelizable Cipher Feedback Mode for Real-time Cryptography

    Conventional Cipher Feedback Mode (CFB) can allow the transmission unit to be shorter than the block-cipher length. Eventually, it causes no delay and even any message expansion unlike the ECB and CBC mode of operation where encryption cannot begin unless and until a complete block of full-length (say 64 bits) plain-text data is available. However, because of stalling during the block encryption, CFB cannot provide low latency, low jitter; these are two imperative properties in the sense of real-time cryptography. For that, it is important that the input stream should not wait for the key-stream to be generated; that means, key-streams are required to be arranged in advance, which cannot be expected in case of the conventional CFB mode. Besides, the conventional Cipher Feedback Mode is also incompetent for such real-time crypto systems, where the integrity of the message is also greatly desirable along with privacy. In this article, we propose a variant of Cipher Feedback Mode, called, Integrity-Aware, Parallelizable Cipher Feedback Mode (IAP-CFB), which can guarantee all the aforesaid requirements, such as, low latency, low jitter, privacy, and integrity assurance, etc

    Privacy-Preserving Collaborative Split Learning Framework for Smart Grid Load Forecasting

    Accurate load forecasting is crucial for energy management, infrastructure planning, and demand-supply balancing. Smart meter data availability has led to the demand for sensor-based load forecasting. Conventional ML allows training a single global model using data from multiple smart meters requiring data transfer to a central server, raising concerns for network requirements, privacy, and security. We propose a split learning-based framework for load forecasting to alleviate this issue. We split a deep neural network model into two parts, one for each Grid Station (GS) responsible for an entire neighbourhood's smart meters and the other for the Service Provider (SP). Instead of sharing their data, client smart meters use their respective GSs' model split for forward pass and only share their activations with the GS. Under this framework, each GS is responsible for training a personalized model split for their respective neighbourhoods, whereas the SP can train a single global or personalized model for each GS. Experiments show that the proposed models match or exceed a centrally trained model's performance and generalize well. Privacy is analyzed by assessing information leakage between data and shared activations of the GS model split. Additionally, differential privacy enhances local data privacy while examining its impact on performance. A transformer model is used as our base learner

    An AI-Driven Secure and Intelligent Robotic Delivery System

    Last-mile delivery has gained much popularity in recent years, it accounts for about half of the whole logistics cost. Unlike container transportation, companies must hire significant number of employees to deliver packages to the customers. Therefore, many companies are studying automated methods such as robotic delivery to complete the delivery work to reduce the cost. It is undeniable that the security issue is a huge challenge in such a system. In this article, we propose an AI-driven robotic delivery system, which consists of two modules. A multilevel cooperative user authentication module for delivering parcel using both PIN code and biometrics verification, i.e., voiceprint and face verification. Another noncooperative user identification module using face verification which detects and verifies the identification of the customer. In this way, the robot can find the correct customer and complete the delivery task automatically. Finally, we implement the proposed system on a Turtlebot3 robot and analyze the performance of the proposed schema. Experimental results show that our proposed system has a high accuracy and can complete the delivery task securely

    Lightweight and Practical Anonymous Authentication Protocol for RFID systems using physically unclonable functions

    Radio frequency identification (RFID) has been considered one of the imperative requirements for implementation of Internet-of-Things applications. It helps to solve the identification issues of the things in a cost-effective manner, but RFID systems often suffer from various security and privacy issues. To solve those issues for RFID systems, many schemes have been recently proposed by using the cryptographic primitive, called physically uncloneable functions (PUFs), which can ensure a tamper-evident feature. However, to the best of our knowledge, none of them has succeeded to address the problem of privacy preservation with the resistance of DoS attacks in a practical way. For instance, existing schemes need to rely on exhaustive search operations to identify a tag, and also suffer from several security and privacy related issues. Furthermore, a tag needs to store some security credentials (e.g., secret shared keys), which may cause several issues such as loss of forward and backward secrecy and large storage costs. Therefore, in this paper, we first propose a lightweight privacy-preserving authentication protocol for the RFID system by considering the ideal PUF environment. Subsequently, we introduce an enhanced protocol which can support the noisy PUF environment. It is argued that both of our protocols can overcome the limitations of existing schemes, and further ensure more security properties. By analyzing the performance, we have shown that the proposed solutions are secure, efficient, practical, and effective for the resource-constraint RFID tag

    An enhanced secure delegation-based anonymous authentication protocol for PCSs

    Rapid development of wireless networks brings about many security problems in portable communication systems (PCSs), which can provide mobile users with an opportunity to enjoy global roaming services. In this regard, designing a secure user authentication scheme, especially for recognizing legal roaming users, is indeed a challenging task. It is noticed that there is no delegation-based protocol for PCSs, which can guarantee anonymity, untraceability, perfect forward secrecy, and resistance of denial-of-service (DoS) attack. Therefore, in this article, we put forward a novel delegation-based anonymous and untraceable authentication protocol, which can guarantee to resolve all the abovementioned security issues and hence offer a solution for secure communications for PCSs

    Bio-AKA: An efficient fingerprint based two factor user authentication and key agreement scheme

    The fingerprint has long been used as one of the most important biological features in the field of biometrics. It is person-specific and remain identical though out oneā€™s lifetime. Physically uncloneable functions (PUFs) have been used in authentication protocols due to the unique physical feature of it. In this paper, we take full advantage of the inherent security features of userā€™s fingerprint biometrics and PUFs to design a new user authentication and key agreement scheme, namely Bio-AKA, which meets the desired security characteristics. To protect the privacy and strengthen the security of biometric data and to improve the robustness of the proposed scheme, the fuzzy extractor is employed. The scheme proposed in the paper can protect userā€™s anonymity without the use of password and allow mutual authentication with key agreement. The experimental results show superior robustness and the simplicity of our proposed scheme has been validated via our performance and security analysis. The scheme can be an ideal candidate for real life applications that requires remote user authentication